On Wed, Jan 24, 2001 at 09:45:53AM -0800, Geoff Thorpe wrote:
> A "standard" (eg. RC4-SHA, 1024-bit RSA, no client-authentication) SSL
> session typically encodes to around 130-150 bytes. Introduce
> client-certificate authentication into the picture (with no cert-chains,
> just a single CA-signed client cert for 1024-bit RSA) and the sessions can
> go up around the 1K mark (the certificate components/fields can determine
> the actual encoding length which is why I had a slight but disastrous
> variance between two different test certs). Introduce client cert chains,
> and ... well ... you get the picture. This is one of the reasons that it
....
OpenSSL only stores the peer's certificate but not the rest of the chain.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129
Universitaetsplatz 3-4, D-03044 Cottbus Fax. +49 355 69-4153
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
